Oktoberfest Press Tour, 22-24 September: Kaspersky Security Symposium

Oktoberfest Press Tour, 22-24 September: Kaspersky Security Symposium

Kaspersky Lab held an Oktoberfest Press Tour titled ‘The Kaspersky Security Symposium’. The Company’s leading security experts shared their insights with media representatives from all over the world regarding the latest cybercrime trends this autumn. This took place in Munich, right next door to the Oktoberfest fairground, on 22-24 September, 2010.

Eugene Kaspersky, CEO, Andreas Lamm, Managing Director, Europe and Magnus Kalkuhl, Head of the Global Research and Analysis Team, Europe, opened the event divided into three parallel themes: Cybercrime Technology, Cybercrime in Everyday Life and Cybercrime Versus the Law.

For several years, cybercriminals have been using targeted attacks to gain unauthorized access to corporate and SMB networks. But what is it about Stuxnet in particular that has made the whole IT industry suddenly sit up and take notice, and can we even survive in this new age of targeted attacks? Recently, the level of sophistication of targeted attacks has dramatically increased in terms of malware technologies, attack organization and social engineering techniques. This presentation aims to cover both the technical and social aspects of targeted attacks. It will look closely at Stuxnet, the most sophisticated scenario we’ve seen so far, and reveal the reason for its success. Stefan Tanase will also explain how to recognize these attacks and offer practical advice about how an organization can effectively protect itself against these new threats.

David Jacoby
Senior Security Researcher, Nordics, Global Research and Analysis Team

This presentation will highlight some of the automated tools and methods that the cybercriminals use for mass-defacements, botnets, drive-by downloads and credit card fraud, etc. Some of them target not only Windows, but Linux and Unix-based operating systems as well. There is a popular misconception that Linux and Unix-based operating systems are not susceptible to infection by viruses - maybe that is true for typical viruses - but there is still malicious code that can infect these machines. Such infected machines then become hosts for other malware which subsequently propagates via drive-by downloads. This presentation will also examine what can be done to prevent these systems from becoming a target.

Scareware has been around for more than 4 years already and during that time it has evolved from being fairly primitive into a very well organized business. Not only do the graphical interfaces look very much like the real thing, but the business models of many Rogue AVs convincingly mirror those of well-known, mainstream software companies. Although Rogue AV is a niche in the sphere of cybercrime, it is sufficiently profitable to allow the provision of such things as live technical support – a fact that only came to light during Nicolas’ latest research and will be discussed during the presentation. Nicolas will also cover the evolution and history of scareware from 2006 to 2010, contemporary propagation techniques such as black hat SEO, fake social network profiles and spam campaigns, etc.

Stealing online gaming accounts had been considered a smalltime affair within the vast world of cybercrime, until that is, World of Warcraft became the catalyst for a huge wave of successful MMORPG's - and that is when the cybercriminals struck gold. Christian will step inside of the evolution of the underground economy that has grown up around online gaming and try to estimate just how much illegal money flows in and out of this murky world of virtual heroes. What does the future hold for the industry and can we predict whether the underground economy will boom once again?

Maria Namestnikova
Senior Spam Analyst, Content Filtering

This is the one question that everybody asks. After all, there must be a logical explanation behind users in the USA receiving 20% more Viagra-themed spam than users in Russia. It is not readily obvious why the same message couldn’t be sent to everybody, thereby saving the spammer time and effort. But that is just not how it works. So is it simply anti-spam legislation that makes the difference, or are there other, less obvious, factors at work here? The situation is certainly more complex than it appears to be at first glance. There are many reasons why the spammers distribute a diverse range of materials, and whilst anti-spam legislation and cultural diversity play their part, they are not the main reasons. So what is the answer?

The goal of IT security experts is to protect computer systems. They are conducting research which will allow law enforcement organizations to identify and locate the bad guys. IT security guys also provide technical solutions to counter the biggest threats and protect the global infrastructure of the Internet. Unfortunately, from time to time they face limitations created by the legislation of different countries. This presentation will feature actual examples of Kaspersky Lab’s research projects and ideas to save the world that have had to be put on hold due to such legal issues.